WO 2005/041040 



16 



PCT/SG2004/000255 



Claims 

1 . A method to detect and geographically locate a rogue user wirelessly 
accessing a computer network, the method comprising: 

a. deploying at least one Network Management System program; 

b. mapping a geographical area covered by the wireless computer 
network into at least one island; 

c. measuring at least one network performance parameter for each 
island to obtain a spatial performance model; 

d. deriving a performance index for each island based on the at least 
one performance parameter; 

e. identifying a potential rogue user based at least on his Media Access 
Control (MAC) address and Internet Protocol (IP) address; 

f. measuring at least one performance parameter of the potential rogue 
user; 

g. deriving at least one performance index for the potential rogue user; 

h. determining location of the potential rogue user by comparing the 
performance index of the potential rogue user with historical, 
average performance indices of each island pertinent to the current 
time of detection: and 

i. effecting at least one network security measure against the rogue 
user. 

2. A method further to Claim 1 , the mapping further comprises pre-identifying 
at least one island. 

3. A method further to Claim 1 , the deriving at least one network performance 
index for each island further comprising: 

a. obtaining the differences between the captured values of the 
performance parameter of rogue user and the performance 
parameter in the spatial performance model; 

b. determining the minimum value for each difference; 



WO 2005/041040 



PCT/SG2004/000255 



17 

c. normalizing the values for each difference to obtain rank number; 
and 

d. summing the rank numbers for each island to obtain its performance 
index. 

4. .A method further to Claim 1 , the deriving at least one network performance 

index for each island further comprising: 

a. determining the minimum values of each performance parameter in 
the spatial performance model; 

b. normalizing the values of each performance parameter in the spatial 
performance model and captured performance parameters of rogue 
user to obtain the rank numbers; 

c. obtaining the differences between the rank numbers of performance 
parameters in spatial performance model and the captured 
performance parameters of rogue user; and 

d. summing the differences for each island to obtain its performance 
index. 

5. A method further to Claim 1 wherein the deriving of at least one 
performance index further comprising dynamically re-mapping the islands 
previously mapped based on the current performance index of each island 
at time intervals. 

6. A method further to Claim 1 wherein the deriving of the performance index 
of the potential rogue user is substantially similar to the deriving of the 
performance index for each island. 

7. A method further to Claim 1 , the determining of the geographical location of 
the potential rogue user by comparing further comprising matching the 
performance indices of the at least one island with the performance index of 
the potential rogue user. 
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8. A method further to Claiml , the effecting at least one network security 
measure further comprising: 

logging particulars of the rogue user, 
displaying geographically location of the rogue user, 
denying access to the rogue user, and 
prosecuting the rogue user. 

9. A system to detect and geographically locate a rogue user wirelessly 
accessing a computer network, the system comprising: 

a computer network with at least one wireless access point, 

at least one processor, 

at least a network management system, 

at least one storage means, and 

at least one implementation of the algorithm of the present invention 
wherein the rogue user is able to be geographically located without having 
the computer network's user having to be physically in the vicinity of the 
rogue user. 

10. A system according to Claim 9, the computer network further comprising 
wireless access points which are connected to the wired computer network. 

11. A system further to Claim 9, the at least one network management system 
further comprising at least one storage means further comprising storage of 
network performance parameter values, derived network performance 
characteristics and mapped islands covered by the at least one wireless 
access point. 

12. A system further to Claim 9, the at least one storage means further 
comprising storage of network performance parameter values, derived 
network performance characteristics and mapped islands covered by the at 
least one wireless access point. 
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13. A system further to Claim 9, wherein the at least one storage means may 
be part of the at least one network management system. 

1 4. A system further to Claim 9, the at least one implementation of the 
algorithm of the present invention able to geographically locate the rogue 
user by matching at least one network performance characteristic of the 
rogue user with at least one network performance characteristic of at least 
one pre-mapped island of the network around the at least one wireless 
access point. 



